﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using MySql.Data.MySqlClient;
using AdministrationWeb;

namespace AdministrationWeb.Administration
{
    public partial class WebForm2 : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                //handle posted data 
            }
            else
            {
                ddlPermission.SelectedValue = "S";
            } 
            txtUserName.Focus();
            if (Session["SelectedUser"] != null)
            {
                rqvPassword.Enabled = false;
                lblPassword.Visible = false;
                txtPassword.Visible = false;
                lblPageName.Text = "Edit User";
                User selectedUser = (User)Session["SelectedUser"];
                txtEmailAddress.Text = selectedUser.emailAddress;
                txtFirstName.Text = selectedUser.firstName;
                txtLastName.Text = selectedUser.lastName;
                txtUserName.Text = selectedUser.userName;
                if (selectedUser.graduationYear == 0)
                {
                    txtGradYear.Text = "";
                    CompareValidator1.Enabled = false;
                    txtGradYear.Visible = false;
                    lblGradYear.Visible = false;
                }
                txtGradYear.Text = (selectedUser.graduationYear == 0 ? "" : selectedUser.graduationYear.ToString());
                txtUserName.Enabled = false;
                txtUserId.Text = (selectedUser.userID == 0 ? "" : selectedUser.userID.ToString());
                ddlPermission.SelectedValue = selectedUser.permission.ToString();
                Session.Remove("SelectedUser");
            }
            else
                lblPageName.Text = "New User";
        }

        protected void btnCancel_Click(object sender, EventArgs e)
        {
            Server.Transfer("default.aspx");
        }

        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            string shortPermission;

            switch (ddlPermission.SelectedItem.ToString())
            {
                case "ADMIN":
                    shortPermission = "A";
                    break;
                case "DISABLE":
                    shortPermission = "D";
                    break;
                case "MAINTENANCE":
                    shortPermission = "M";
                    break;
                case "STUDENT":
                    shortPermission = "S";
                    break;
                default:
                    shortPermission = "S";
                    break;
            }
            string insertStatement = "INSERT INTO users "
    + "(graduation_year, username, password, permission, creation_date, first_name, last_name, email, last_modified_date, last_modify_user_id, created_user_id) "
    + "VALUES (?graduation_year, ?username, ?password, ?permission, ?creation_date, ?first_name, ?last_name, ?email, ?creation_date, ?last_modify_user_id, ?last_modify_user_id) "
    + "ON DUPLICATE KEY UPDATE graduation_year=?graduation_year, permission=?permission, first_name=?first_name, last_name=?last_name, "
    + "email=?email, last_modified_date=?creation_date, last_modify_user_id=?last_modify_user_id";

            MySqlConnection conn = new MySqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ApplicationConnectionString"].ConnectionString);
            MySqlCommand command = new MySqlCommand(insertStatement, conn);

            try
            {
                if (txtGradYear.Text != "")
                {
                    command.Parameters.AddWithValue("?graduation_year", Convert.ToInt32(txtGradYear.Text));
                }
                else
                {
                    command.Parameters.AddWithValue("?graduation_year", null);
                }
            }
            catch { }
            command.Parameters.AddWithValue("?username", txtUserName.Text);
            command.Parameters.AddWithValue("?password", HashData.HashLogin(txtUserName.Text, txtPassword.Text));
            command.Parameters.AddWithValue("?permission", shortPermission);
            command.Parameters.AddWithValue("?creation_date", DateTime.Now);
            command.Parameters.AddWithValue("?first_name", txtFirstName.Text);
            command.Parameters.AddWithValue("?last_name", txtLastName.Text);
            command.Parameters.AddWithValue("?email", txtEmailAddress.Text);
            command.Parameters.AddWithValue("?last_modify_user_id", MySession.Current.userUserID);
            try
            {
                conn.Open();
                command.ExecuteNonQuery();
                Server.Transfer("UpdateSuccess.aspx");
            }
            catch (Exception ex)
            {
                lblMessage.Visible = true;
                lblMessage.Text = ex.Message;
            }
            finally
            {
                conn.Close();
            }
                }

        
    }
}